package jdbc;

import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;

public class TestSelect2 {
    private static Connection conn = null;
    private static PreparedStatement ps = null;
    private static ResultSet rs = null;
    public static void main(String[] args) throws Exception {
        Class.forName("com.mysql.jdbc.Driver");
        String url = "jdbc:mysql://localhost:3306/tedu?useUnicode=true&characterEncoding=utf8";
        String user = "root";
        String pwd = "root";
        conn = DriverManager.getConnection(url, user, pwd);
        System.out.println("连接成功~~");

        int regionID = 2;
        String regionName = "'or'1'='1";

        String sql = "SELECT id,name FROM location where id = " + regionID + " AND name = '" + regionName + "'";
        ps = conn.prepareStatement(sql);
        rs = ps.executeQuery();
        System.out.println(rs.next() == true ? "记录存在" : "记录不存在");
        rs.close();
        ps.close();
        conn.close();


    }
}
